https://bugzilla.wikimedia.org/show_bug.cgi?id=57270
--- Comment #6 from Chris Steipp <[email protected]> --- A few more specific issues: Hooks.php * Line 234 - please escape $action in query includes/RecentChanges/Formatter.php * Should use Linker instead of building <a>'s yourself. Not a blocker. * Please use escaped() instead of text() for messages in topicHistoryLink, postHistoryLink, topicLink, postLink; or use Html::element instead of rawElement In general, I'm working on reviewing the templates, although the structure makes them very difficult to review. I'm probably not going to be able to complete the code review by tomorrow. I've been doing some testing on the frontend, I'm happy with the xss filtering for the page itself and recent changes, but I'm not able to use the board-history, either in the labs ee-flow instance, or my local dev which is running both master and the version I'm review from last Friday. If that can be fixed before tomorrow, I'll work on fuzzing it. If not, then I'm assuming the deployment will be held off for it anyway? -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
